CVE-2010-4181
published 2010-11-04CVE-2010-4181: Directory traversal vulnerability in Yaws 1.89 allows remote attackers to read arbitrary files via ..\ (dot dot backslash) and other sequences.
PriorityP340medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
8.45%
94.3th percentile
Directory traversal vulnerability in Yaws 1.89 allows remote attackers to read arbitrary files via ..\ (dot dot backslash) and other sequences.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | yaws | — | — |
| yaws | yaws | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
vendor_debian5.0LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rhfm-3h2p-hpj5: Directory traversal vulnerability in Yaws 1
ghsa_unreviewed·2022-05-17
CVE-2010-4181 [MEDIUM] CWE-22 GHSA-rhfm-3h2p-hpj5: Directory traversal vulnerability in Yaws 1
Directory traversal vulnerability in Yaws 1.89 allows remote attackers to read arbitrary files via ..\ (dot dot backslash) and other sequences.
Debian
CVE-2010-4181: yaws - Directory traversal vulnerability in Yaws 1.89 allows remote attackers to read a...
vendor_debian·2010·CVSS 5.0
CVE-2010-4181 [MEDIUM] CVE-2010-4181: yaws - Directory traversal vulnerability in Yaws 1.89 allows remote attackers to read a...
Directory traversal vulnerability in Yaws 1.89 allows remote attackers to read arbitrary files via ..\ (dot dot backslash) and other sequences.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
No detection rules found.
http://osvdb.org/68962http://secunia.com/advisories/42066http://www.exploit-db.com/exploits/15371http://www.securityfocus.com/bid/44564http://www.vupen.com/english/advisories/2010/2858https://exchange.xforce.ibmcloud.com/vulnerabilities/62917http://osvdb.org/68962http://secunia.com/advisories/42066http://www.exploit-db.com/exploits/15371http://www.securityfocus.com/bid/44564http://www.vupen.com/english/advisories/2010/2858https://exchange.xforce.ibmcloud.com/vulnerabilities/62917
2010-11-04
Published